diff --git a/tests/handlers/test_appservice.py b/tests/handlers/test_appservice.py
index d6f14e2dba..fe57ff2671 100644
--- a/tests/handlers/test_appservice.py
+++ b/tests/handlers/test_appservice.py
@@ -1,4 +1,4 @@
-# Copyright 2015, 2016 OpenMarket Ltd
+# Copyright 2015-2021 The Matrix.org Foundation C.I.C.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -12,18 +12,23 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+from typing import Dict, Iterable, List, Optional
from unittest.mock import Mock
from twisted.internet import defer
+import synapse.rest.admin
+import synapse.storage
+from synapse.appservice import ApplicationService
from synapse.handlers.appservice import ApplicationServicesHandler
+from synapse.rest.client import login, receipts, room, sendtodevice
from synapse.types import RoomStreamToken
+from synapse.util.stringutils import random_string
-from tests.test_utils import make_awaitable
+from tests import unittest
+from tests.test_utils import make_awaitable, simple_async_mock
from tests.utils import MockClock
-from .. import unittest
-
class AppServiceHandlerTestCase(unittest.TestCase):
"""Tests the ApplicationServicesHandler."""
@@ -36,6 +41,9 @@ class AppServiceHandlerTestCase(unittest.TestCase):
hs.get_datastore.return_value = self.mock_store
self.mock_store.get_received_ts.return_value = make_awaitable(0)
self.mock_store.set_appservice_last_pos.return_value = make_awaitable(None)
+ self.mock_store.set_appservice_stream_type_pos.return_value = make_awaitable(
+ None
+ )
hs.get_application_service_api.return_value = self.mock_as_api
hs.get_application_service_scheduler.return_value = self.mock_scheduler
hs.get_clock.return_value = MockClock()
@@ -63,8 +71,8 @@ class AppServiceHandlerTestCase(unittest.TestCase):
]
self.handler.notify_interested_services(RoomStreamToken(None, 1))
- self.mock_scheduler.submit_event_for_as.assert_called_once_with(
- interested_service, event
+ self.mock_scheduler.enqueue_for_appservice.assert_called_once_with(
+ interested_service, events=[event]
)
def test_query_user_exists_unknown_user(self):
@@ -261,7 +269,6 @@ class AppServiceHandlerTestCase(unittest.TestCase):
"""
interested_service = self._mkservice(is_interested=True)
services = [interested_service]
-
self.mock_store.get_app_services.return_value = services
self.mock_store.get_type_stream_id_for_appservice.return_value = make_awaitable(
579
@@ -275,10 +282,10 @@ class AppServiceHandlerTestCase(unittest.TestCase):
self.handler.notify_interested_services_ephemeral(
"receipt_key", 580, ["@fakerecipient:example.com"]
)
- self.mock_scheduler.submit_ephemeral_events_for_as.assert_called_once_with(
- interested_service, [event]
+ self.mock_scheduler.enqueue_for_appservice.assert_called_once_with(
+ interested_service, ephemeral=[event]
)
- self.mock_store.set_type_stream_id_for_appservice.assert_called_once_with(
+ self.mock_store.set_appservice_stream_type_pos.assert_called_once_with(
interested_service,
"read_receipt",
580,
@@ -305,7 +312,10 @@ class AppServiceHandlerTestCase(unittest.TestCase):
self.handler.notify_interested_services_ephemeral(
"receipt_key", 580, ["@fakerecipient:example.com"]
)
- self.mock_scheduler.submit_ephemeral_events_for_as.assert_not_called()
+ # This method will be called, but with an empty list of events
+ self.mock_scheduler.enqueue_for_appservice.assert_called_once_with(
+ interested_service, ephemeral=[]
+ )
def _mkservice(self, is_interested, protocols=None):
service = Mock()
@@ -321,3 +331,252 @@ class AppServiceHandlerTestCase(unittest.TestCase):
service.token = "mock_service_token"
service.url = "mock_service_url"
return service
+
+
+class ApplicationServicesHandlerSendEventsTestCase(unittest.HomeserverTestCase):
+ """
+ Tests that the ApplicationServicesHandler sends events to application
+ services correctly.
+ """
+
+ servlets = [
+ synapse.rest.admin.register_servlets_for_client_rest_resource,
+ login.register_servlets,
+ room.register_servlets,
+ sendtodevice.register_servlets,
+ receipts.register_servlets,
+ ]
+
+ def prepare(self, reactor, clock, hs):
+ # Mock the ApplicationServiceScheduler's _TransactionController's send method so that
+ # we can track any outgoing ephemeral events
+ self.send_mock = simple_async_mock()
+ hs.get_application_service_handler().scheduler.txn_ctrl.send = self.send_mock
+
+ # Mock out application services, and allow defining our own in tests
+ self._services: List[ApplicationService] = []
+ self.hs.get_datastore().get_app_services = Mock(return_value=self._services)
+
+ # A user on the homeserver.
+ self.local_user_device_id = "local_device"
+ self.local_user = self.register_user("local_user", "password")
+ self.local_user_token = self.login(
+ "local_user", "password", self.local_user_device_id
+ )
+
+ # A user on the homeserver which lies within an appservice's exclusive user namespace.
+ self.exclusive_as_user_device_id = "exclusive_as_device"
+ self.exclusive_as_user = self.register_user("exclusive_as_user", "password")
+ self.exclusive_as_user_token = self.login(
+ "exclusive_as_user", "password", self.exclusive_as_user_device_id
+ )
+
+ @unittest.override_config(
+ {"experimental_features": {"msc2409_to_device_messages_enabled": True}}
+ )
+ def test_application_services_receive_local_to_device(self):
+ """
+ Test that when a user sends a to-device message to another user
+ that is an application service's user namespace, the
+ application service will receive it.
+ """
+ interested_appservice = self._register_application_service(
+ namespaces={
+ ApplicationService.NS_USERS: [
+ {
+ "regex": "@exclusive_as_user:.+",
+ "exclusive": True,
+ }
+ ],
+ },
+ )
+
+ # Have local_user send a to-device message to exclusive_as_user
+ message_content = {"some_key": "some really interesting value"}
+ chan = self.make_request(
+ "PUT",
+ "/_matrix/client/r0/sendToDevice/m.room_key_request/3",
+ content={
+ "messages": {
+ self.exclusive_as_user: {
+ self.exclusive_as_user_device_id: message_content
+ }
+ }
+ },
+ access_token=self.local_user_token,
+ )
+ self.assertEqual(chan.code, 200, chan.result)
+
+ # Have exclusive_as_user send a to-device message to local_user
+ chan = self.make_request(
+ "PUT",
+ "/_matrix/client/r0/sendToDevice/m.room_key_request/4",
+ content={
+ "messages": {
+ self.local_user: {self.local_user_device_id: message_content}
+ }
+ },
+ access_token=self.exclusive_as_user_token,
+ )
+ self.assertEqual(chan.code, 200, chan.result)
+
+ # Check if our application service - that is interested in exclusive_as_user - received
+ # the to-device message as part of an AS transaction.
+ # Only the local_user -> exclusive_as_user to-device message should have been forwarded to the AS.
+ #
+ # The uninterested application service should not have been notified at all.
+ self.send_mock.assert_called_once()
+ service, _events, _ephemeral, to_device_messages = self.send_mock.call_args[0]
+
+ # Assert that this was the same to-device message that local_user sent
+ self.assertEqual(service, interested_appservice)
+ self.assertEqual(to_device_messages[0]["type"], "m.room_key_request")
+ self.assertEqual(to_device_messages[0]["sender"], self.local_user)
+
+ # Additional fields 'to_user_id' and 'to_device_id' specifically for
+ # to-device messages via the AS API
+ self.assertEqual(to_device_messages[0]["to_user_id"], self.exclusive_as_user)
+ self.assertEqual(
+ to_device_messages[0]["to_device_id"], self.exclusive_as_user_device_id
+ )
+ self.assertEqual(to_device_messages[0]["content"], message_content)
+
+ @unittest.override_config(
+ {"experimental_features": {"msc2409_to_device_messages_enabled": True}}
+ )
+ def test_application_services_receive_bursts_of_to_device(self):
+ """
+ Test that when a user sends >100 to-device messages at once, any
+ interested AS's will receive them in separate transactions.
+
+ Also tests that uninterested application services do not receive messages.
+ """
+ # Register two application services with exclusive interest in a user
+ interested_appservices = []
+ for _ in range(2):
+ appservice = self._register_application_service(
+ namespaces={
+ ApplicationService.NS_USERS: [
+ {
+ "regex": "@exclusive_as_user:.+",
+ "exclusive": True,
+ }
+ ],
+ },
+ )
+ interested_appservices.append(appservice)
+
+ # ...and an application service which does not have any user interest.
+ self._register_application_service()
+
+ to_device_message_content = {
+ "some key": "some interesting value",
+ }
+
+ # We need to send a large burst of to-device messages. We also would like to
+ # include them all in the same application service transaction so that we can
+ # test large transactions.
+ #
+ # To do this, we can send a single to-device message to many user devices at
+ # once.
+ #
+ # We insert number_of_messages - 1 messages into the database directly. We'll then
+ # send a final to-device message to the real device, which will also kick off
+ # an AS transaction (as just inserting messages into the DB won't).
+ number_of_messages = 150
+ fake_device_ids = [f"device_{num}" for num in range(number_of_messages - 1)]
+ messages = {
+ self.exclusive_as_user: {
+ device_id: to_device_message_content for device_id in fake_device_ids
+ }
+ }
+
+ # Create a fake device per message. We can't send to-device messages to
+ # a device that doesn't exist.
+ self.get_success(
+ self.hs.get_datastore().db_pool.simple_insert_many(
+ desc="test_application_services_receive_burst_of_to_device",
+ table="devices",
+ keys=("user_id", "device_id"),
+ values=[
+ (
+ self.exclusive_as_user,
+ device_id,
+ )
+ for device_id in fake_device_ids
+ ],
+ )
+ )
+
+ # Seed the device_inbox table with our fake messages
+ self.get_success(
+ self.hs.get_datastore().add_messages_to_device_inbox(messages, {})
+ )
+
+ # Now have local_user send a final to-device message to exclusive_as_user. All unsent
+ # to-device messages should be sent to any application services
+ # interested in exclusive_as_user.
+ chan = self.make_request(
+ "PUT",
+ "/_matrix/client/r0/sendToDevice/m.room_key_request/4",
+ content={
+ "messages": {
+ self.exclusive_as_user: {
+ self.exclusive_as_user_device_id: to_device_message_content
+ }
+ }
+ },
+ access_token=self.local_user_token,
+ )
+ self.assertEqual(chan.code, 200, chan.result)
+
+ self.send_mock.assert_called()
+
+ # Count the total number of to-device messages that were sent out per-service.
+ # Ensure that we only sent to-device messages to interested services, and that
+ # each interested service received the full count of to-device messages.
+ service_id_to_message_count: Dict[str, int] = {}
+
+ for call in self.send_mock.call_args_list:
+ service, _events, _ephemeral, to_device_messages = call[0]
+
+ # Check that this was made to an interested service
+ self.assertIn(service, interested_appservices)
+
+ # Add to the count of messages for this application service
+ service_id_to_message_count.setdefault(service.id, 0)
+ service_id_to_message_count[service.id] += len(to_device_messages)
+
+ # Assert that each interested service received the full count of messages
+ for count in service_id_to_message_count.values():
+ self.assertEqual(count, number_of_messages)
+
+ def _register_application_service(
+ self,
+ namespaces: Optional[Dict[str, Iterable[Dict]]] = None,
+ ) -> ApplicationService:
+ """
+ Register a new application service, with the given namespaces of interest.
+
+ Args:
+ namespaces: A dictionary containing any user, room or alias namespaces that
+ the application service is interested in.
+
+ Returns:
+ The registered application service.
+ """
+ # Create an application service
+ appservice = ApplicationService(
+ token=random_string(10),
+ hostname="example.com",
+ id=random_string(10),
+ sender="@as:example.com",
+ rate_limited=False,
+ namespaces=namespaces,
+ supports_ephemeral=True,
+ )
+
+ # Register the application service
+ self._services.append(appservice)
+
+ return appservice
diff --git a/tests/handlers/test_deactivate_account.py b/tests/handlers/test_deactivate_account.py
new file mode 100644
index 0000000000..01096a1581
--- /dev/null
+++ b/tests/handlers/test_deactivate_account.py
@@ -0,0 +1,325 @@
+# Copyright 2021 The Matrix.org Foundation C.I.C.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+from http import HTTPStatus
+from typing import Any, Dict
+
+from twisted.test.proto_helpers import MemoryReactor
+
+from synapse.api.constants import AccountDataTypes
+from synapse.push.rulekinds import PRIORITY_CLASS_MAP
+from synapse.rest import admin
+from synapse.rest.client import account, login
+from synapse.server import HomeServer
+from synapse.util import Clock
+
+from tests.unittest import HomeserverTestCase
+
+
+class DeactivateAccountTestCase(HomeserverTestCase):
+ servlets = [
+ login.register_servlets,
+ admin.register_servlets,
+ account.register_servlets,
+ ]
+
+ def prepare(self, reactor: MemoryReactor, clock: Clock, hs: HomeServer) -> None:
+ self._store = hs.get_datastore()
+
+ self.user = self.register_user("user", "pass")
+ self.token = self.login("user", "pass")
+
+ def _deactivate_my_account(self):
+ """
+ Deactivates the account `self.user` using `self.token` and asserts
+ that it returns a 200 success code.
+ """
+ req = self.get_success(
+ self.make_request(
+ "POST",
+ "account/deactivate",
+ {
+ "auth": {
+ "type": "m.login.password",
+ "user": self.user,
+ "password": "pass",
+ },
+ "erase": True,
+ },
+ access_token=self.token,
+ )
+ )
+ self.assertEqual(req.code, HTTPStatus.OK, req)
+
+ def test_global_account_data_deleted_upon_deactivation(self) -> None:
+ """
+ Tests that global account data is removed upon deactivation.
+ """
+ # Add some account data
+ self.get_success(
+ self._store.add_account_data_for_user(
+ self.user,
+ AccountDataTypes.DIRECT,
+ {"@someone:remote": ["!somewhere:remote"]},
+ )
+ )
+
+ # Check that we actually added some.
+ self.assertIsNotNone(
+ self.get_success(
+ self._store.get_global_account_data_by_type_for_user(
+ self.user, AccountDataTypes.DIRECT
+ )
+ ),
+ )
+
+ # Request the deactivation of our account
+ self._deactivate_my_account()
+
+ # Check that the account data does not persist.
+ self.assertIsNone(
+ self.get_success(
+ self._store.get_global_account_data_by_type_for_user(
+ self.user, AccountDataTypes.DIRECT
+ )
+ ),
+ )
+
+ def test_room_account_data_deleted_upon_deactivation(self) -> None:
+ """
+ Tests that room account data is removed upon deactivation.
+ """
+ room_id = "!room:test"
+
+ # Add some room account data
+ self.get_success(
+ self._store.add_account_data_to_room(
+ self.user,
+ room_id,
+ "m.fully_read",
+ {"event_id": "$aaaa:test"},
+ )
+ )
+
+ # Check that we actually added some.
+ self.assertIsNotNone(
+ self.get_success(
+ self._store.get_account_data_for_room_and_type(
+ self.user, room_id, "m.fully_read"
+ )
+ ),
+ )
+
+ # Request the deactivation of our account
+ self._deactivate_my_account()
+
+ # Check that the account data does not persist.
+ self.assertIsNone(
+ self.get_success(
+ self._store.get_account_data_for_room_and_type(
+ self.user, room_id, "m.fully_read"
+ )
+ ),
+ )
+
+ def _is_custom_rule(self, push_rule: Dict[str, Any]) -> bool:
+ """
+ Default rules start with a dot: such as .m.rule and .im.vector.
+ This function returns true iff a rule is custom (not default).
+ """
+ return "/." not in push_rule["rule_id"]
+
+ def test_push_rules_deleted_upon_account_deactivation(self) -> None:
+ """
+ Push rules are a special case of account data.
+ They are stored separately but get sent to the client as account data in /sync.
+ This tests that deactivating a user deletes push rules along with the rest
+ of their account data.
+ """
+
+ # Add a push rule
+ self.get_success(
+ self._store.add_push_rule(
+ self.user,
+ "personal.override.rule1",
+ PRIORITY_CLASS_MAP["override"],
+ [],
+ [],
+ )
+ )
+
+ # Test the rule exists
+ push_rules = self.get_success(self._store.get_push_rules_for_user(self.user))
+ # Filter out default rules; we don't care
+ push_rules = list(filter(self._is_custom_rule, push_rules))
+ # Check our rule made it
+ self.assertEqual(
+ push_rules,
+ [
+ {
+ "user_name": "@user:test",
+ "rule_id": "personal.override.rule1",
+ "priority_class": 5,
+ "priority": 0,
+ "conditions": [],
+ "actions": [],
+ "default": False,
+ }
+ ],
+ push_rules,
+ )
+
+ # Request the deactivation of our account
+ self._deactivate_my_account()
+
+ push_rules = self.get_success(self._store.get_push_rules_for_user(self.user))
+ # Filter out default rules; we don't care
+ push_rules = list(filter(self._is_custom_rule, push_rules))
+ # Check our rule no longer exists
+ self.assertEqual(push_rules, [], push_rules)
+
+ def test_ignored_users_deleted_upon_deactivation(self) -> None:
+ """
+ Ignored users are a special case of account data.
+ They get denormalised into the `ignored_users` table upon being stored as
+ account data.
+ Test that a user's list of ignored users is deleted upon deactivation.
+ """
+
+ # Add an ignored user
+ self.get_success(
+ self._store.add_account_data_for_user(
+ self.user,
+ AccountDataTypes.IGNORED_USER_LIST,
+ {"ignored_users": {"@sheltie:test": {}}},
+ )
+ )
+
+ # Test the user is ignored
+ self.assertEqual(
+ self.get_success(self._store.ignored_by("@sheltie:test")), {self.user}
+ )
+
+ # Request the deactivation of our account
+ self._deactivate_my_account()
+
+ # Test the user is no longer ignored by the user that was deactivated
+ self.assertEqual(
+ self.get_success(self._store.ignored_by("@sheltie:test")), set()
+ )
+
+ def _rerun_retroactive_account_data_deletion_update(self) -> None:
+ # Reset the 'all done' flag
+ self._store.db_pool.updates._all_done = False
+
+ self.get_success(
+ self._store.db_pool.simple_insert(
+ "background_updates",
+ {
+ "update_name": "delete_account_data_for_deactivated_users",
+ "progress_json": "{}",
+ },
+ )
+ )
+
+ self.wait_for_background_updates()
+
+ def test_account_data_deleted_retroactively_by_background_update_if_deactivated(
+ self,
+ ) -> None:
+ """
+ Tests that a user, who deactivated their account before account data was
+ deleted automatically upon deactivation, has their account data retroactively
+ scrubbed by the background update.
+ """
+
+ # Request the deactivation of our account
+ self._deactivate_my_account()
+
+ # Add some account data
+ # (we do this after the deactivation so that the act of deactivating doesn't
+ # clear it out. This emulates a user that was deactivated before this was cleared
+ # upon deactivation.)
+ self.get_success(
+ self._store.add_account_data_for_user(
+ self.user,
+ AccountDataTypes.DIRECT,
+ {"@someone:remote": ["!somewhere:remote"]},
+ )
+ )
+
+ # Check that the account data is there.
+ self.assertIsNotNone(
+ self.get_success(
+ self._store.get_global_account_data_by_type_for_user(
+ self.user,
+ AccountDataTypes.DIRECT,
+ )
+ ),
+ )
+
+ # Re-run the retroactive deletion update
+ self._rerun_retroactive_account_data_deletion_update()
+
+ # Check that the account data was cleared.
+ self.assertIsNone(
+ self.get_success(
+ self._store.get_global_account_data_by_type_for_user(
+ self.user,
+ AccountDataTypes.DIRECT,
+ )
+ ),
+ )
+
+ def test_account_data_preserved_by_background_update_if_not_deactivated(
+ self,
+ ) -> None:
+ """
+ Tests that the background update does not scrub account data for users that have
+ not been deactivated.
+ """
+
+ # Add some account data
+ # (we do this after the deactivation so that the act of deactivating doesn't
+ # clear it out. This emulates a user that was deactivated before this was cleared
+ # upon deactivation.)
+ self.get_success(
+ self._store.add_account_data_for_user(
+ self.user,
+ AccountDataTypes.DIRECT,
+ {"@someone:remote": ["!somewhere:remote"]},
+ )
+ )
+
+ # Check that the account data is there.
+ self.assertIsNotNone(
+ self.get_success(
+ self._store.get_global_account_data_by_type_for_user(
+ self.user,
+ AccountDataTypes.DIRECT,
+ )
+ ),
+ )
+
+ # Re-run the retroactive deletion update
+ self._rerun_retroactive_account_data_deletion_update()
+
+ # Check that the account data was NOT cleared.
+ self.assertIsNotNone(
+ self.get_success(
+ self._store.get_global_account_data_by_type_for_user(
+ self.user,
+ AccountDataTypes.DIRECT,
+ )
+ ),
+ )
diff --git a/tests/handlers/test_password_providers.py b/tests/handlers/test_password_providers.py
index 2add72b28a..94809cb8be 100644
--- a/tests/handlers/test_password_providers.py
+++ b/tests/handlers/test_password_providers.py
@@ -20,10 +20,11 @@ from unittest.mock import Mock
from twisted.internet import defer
import synapse
+from synapse.api.constants import LoginType
from synapse.handlers.auth import load_legacy_password_auth_providers
from synapse.module_api import ModuleApi
-from synapse.rest.client import devices, login, logout
-from synapse.types import JsonDict
+from synapse.rest.client import devices, login, logout, register
+from synapse.types import JsonDict, UserID
from tests import unittest
from tests.server import FakeChannel
@@ -156,6 +157,7 @@ class PasswordAuthProviderTests(unittest.HomeserverTestCase):
login.register_servlets,
devices.register_servlets,
logout.register_servlets,
+ register.register_servlets,
]
def setUp(self):
@@ -745,6 +747,79 @@ class PasswordAuthProviderTests(unittest.HomeserverTestCase):
on_logged_out.assert_called_once()
self.assertTrue(self.called)
+ def test_username(self):
+ """Tests that the get_username_for_registration callback can define the username
+ of a user when registering.
+ """
+ self._setup_get_username_for_registration()
+
+ username = "rin"
+ channel = self.make_request(
+ "POST",
+ "/register",
+ {
+ "username": username,
+ "password": "bar",
+ "auth": {"type": LoginType.DUMMY},
+ },
+ )
+ self.assertEqual(channel.code, 200)
+
+ # Our callback takes the username and appends "-foo" to it, check that's what we
+ # have.
+ mxid = channel.json_body["user_id"]
+ self.assertEqual(UserID.from_string(mxid).localpart, username + "-foo")
+
+ def test_username_uia(self):
+ """Tests that the get_username_for_registration callback is only called at the
+ end of the UIA flow.
+ """
+ m = self._setup_get_username_for_registration()
+
+ # Initiate the UIA flow.
+ username = "rin"
+ channel = self.make_request(
+ "POST",
+ "register",
+ {"username": username, "type": "m.login.password", "password": "bar"},
+ )
+ self.assertEqual(channel.code, 401)
+ self.assertIn("session", channel.json_body)
+
+ # Check that the callback hasn't been called yet.
+ m.assert_not_called()
+
+ # Finish the UIA flow.
+ session = channel.json_body["session"]
+ channel = self.make_request(
+ "POST",
+ "register",
+ {"auth": {"session": session, "type": LoginType.DUMMY}},
+ )
+ self.assertEqual(channel.code, 200, channel.json_body)
+ mxid = channel.json_body["user_id"]
+ self.assertEqual(UserID.from_string(mxid).localpart, username + "-foo")
+
+ # Check that the callback has been called.
+ m.assert_called_once()
+
+ def _setup_get_username_for_registration(self) -> Mock:
+ """Registers a get_username_for_registration callback that appends "-foo" to the
+ username the client is trying to register.
+ """
+
+ async def get_username_for_registration(uia_results, params):
+ self.assertIn(LoginType.DUMMY, uia_results)
+ username = params["username"]
+ return username + "-foo"
+
+ m = Mock(side_effect=get_username_for_registration)
+
+ password_auth_provider = self.hs.get_password_auth_provider()
+ password_auth_provider.get_username_for_registration_callbacks.append(m)
+
+ return m
+
def _get_login_flows(self) -> JsonDict:
channel = self.make_request("GET", "/_matrix/client/r0/login")
self.assertEqual(channel.code, 200, channel.result)
diff --git a/tests/handlers/test_profile.py b/tests/handlers/test_profile.py
index c153018fd8..60235e5699 100644
--- a/tests/handlers/test_profile.py
+++ b/tests/handlers/test_profile.py
@@ -11,12 +11,13 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
-
+from typing import Any, Dict
from unittest.mock import Mock
import synapse.types
from synapse.api.errors import AuthError, SynapseError
from synapse.rest import admin
+from synapse.server import HomeServer
from synapse.types import UserID
from tests import unittest
@@ -46,7 +47,7 @@ class ProfileTestCase(unittest.HomeserverTestCase):
)
return hs
- def prepare(self, reactor, clock, hs):
+ def prepare(self, reactor, clock, hs: HomeServer):
self.store = hs.get_datastore()
self.frank = UserID.from_string("@1234abcd:test")
@@ -248,3 +249,92 @@ class ProfileTestCase(unittest.HomeserverTestCase):
),
SynapseError,
)
+
+ def test_avatar_constraints_no_config(self):
+ """Tests that the method to check an avatar against configured constraints skips
+ all of its check if no constraint is configured.
+ """
+ # The first check that's done by this method is whether the file exists; if we
+ # don't get an error on a non-existing file then it means all of the checks were
+ # successfully skipped.
+ res = self.get_success(
+ self.handler.check_avatar_size_and_mime_type("mxc://test/unknown_file")
+ )
+ self.assertTrue(res)
+
+ @unittest.override_config({"max_avatar_size": 50})
+ def test_avatar_constraints_missing(self):
+ """Tests that an avatar isn't allowed if the file at the given MXC URI couldn't
+ be found.
+ """
+ res = self.get_success(
+ self.handler.check_avatar_size_and_mime_type("mxc://test/unknown_file")
+ )
+ self.assertFalse(res)
+
+ @unittest.override_config({"max_avatar_size": 50})
+ def test_avatar_constraints_file_size(self):
+ """Tests that a file that's above the allowed file size is forbidden but one
+ that's below it is allowed.
+ """
+ self._setup_local_files(
+ {
+ "small": {"size": 40},
+ "big": {"size": 60},
+ }
+ )
+
+ res = self.get_success(
+ self.handler.check_avatar_size_and_mime_type("mxc://test/small")
+ )
+ self.assertTrue(res)
+
+ res = self.get_success(
+ self.handler.check_avatar_size_and_mime_type("mxc://test/big")
+ )
+ self.assertFalse(res)
+
+ @unittest.override_config({"allowed_avatar_mimetypes": ["image/png"]})
+ def test_avatar_constraint_mime_type(self):
+ """Tests that a file with an unauthorised MIME type is forbidden but one with
+ an authorised content type is allowed.
+ """
+ self._setup_local_files(
+ {
+ "good": {"mimetype": "image/png"},
+ "bad": {"mimetype": "application/octet-stream"},
+ }
+ )
+
+ res = self.get_success(
+ self.handler.check_avatar_size_and_mime_type("mxc://test/good")
+ )
+ self.assertTrue(res)
+
+ res = self.get_success(
+ self.handler.check_avatar_size_and_mime_type("mxc://test/bad")
+ )
+ self.assertFalse(res)
+
+ def _setup_local_files(self, names_and_props: Dict[str, Dict[str, Any]]):
+ """Stores metadata about files in the database.
+
+ Args:
+ names_and_props: A dictionary with one entry per file, with the key being the
+ file's name, and the value being a dictionary of properties. Supported
+ properties are "mimetype" (for the file's type) and "size" (for the
+ file's size).
+ """
+ store = self.hs.get_datastore()
+
+ for name, props in names_and_props.items():
+ self.get_success(
+ store.store_local_media(
+ media_id=name,
+ media_type=props.get("mimetype", "image/png"),
+ time_now_ms=self.clock.time_msec(),
+ upload_name=None,
+ media_length=props.get("size", 50),
+ user_id=UserID.from_string("@rin:test"),
+ )
+ )
diff --git a/tests/handlers/test_user_directory.py b/tests/handlers/test_user_directory.py
index 70c621b825..482c90ef68 100644
--- a/tests/handlers/test_user_directory.py
+++ b/tests/handlers/test_user_directory.py
@@ -169,7 +169,9 @@ class UserDirectoryTestCase(unittest.HomeserverTestCase):
# Register an AS user.
user = self.register_user("user", "pass")
token = self.login(user, "pass")
- as_user = self.register_appservice_user("as_user_potato", self.appservice.token)
+ as_user, _ = self.register_appservice_user(
+ "as_user_potato", self.appservice.token
+ )
# Join the AS user to rooms owned by the normal user.
public, private = self._create_rooms_and_inject_memberships(
@@ -388,7 +390,7 @@ class UserDirectoryTestCase(unittest.HomeserverTestCase):
def test_handle_local_profile_change_with_appservice_user(self) -> None:
# create user
- as_user_id = self.register_appservice_user(
+ as_user_id, _ = self.register_appservice_user(
"as_user_alice", self.appservice.token
)
|
